Disk Encryption

Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage.

Expressions full disk encryption (FDE) or whole disk encryption often signify that everything on disk is encrypted – including the programs that can encrypt bootable operating system partitions – when part of the disk is necessarily not encrypted. FileVault 2 encrypts the OS X startup volume in its entirety; authorised FDE users’ information is loaded from a separate non encrypted boot volume (partition/slice type Apple_Boot). On systems that use a master boot record (MBR), that part of the disk remains non encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR.

Read more about Disk Encryption:  Disk Encryption Vs. Filesystem-level Encryption, Disk Encryption and Trusted Platform Module, Implementations, Password/data Recovery Mechanism, Security Concerns

Other articles related to "disk encryption, disk, encryption":

Disk Encryption Theory - Problem Definition
... Disk encryption methods aim to provide three distinct properties The data on the disk should remain confidential Data retrieval and storage should both be fast operations, no matter where on the ... The encryption method should not waste disk space (i.e ... The strongest adversaries studied in the field of disk encryption have these abilities they can read the raw contents of the disk at any time they can request the disk to encrypt and store ...
Full Disk Encryption - The Boot Key Problem
... One issue to address in full disk encryption is that the blocks where the operating system is stored must be decrypted before the OS can boot, meaning that the key has to be available before there is ... Most Full Disk Encryption solutions utilize Pre-Boot Authentication by loading a small, highly secure operating system which is strictly locked down and hashed versus system variables ... Some implementations such as BitLocker Drive Encryption can make use of hardware such as a Trusted Platform Module to ensure the integrity of the boot ...
Linux Unified Key Setup
... In computing, the Linux Unified Key Setup or LUKS is a disk-encryption specification created by Clemens Fruhwirth and originally intended for Linux ... While most disk encryption software implements different and incompatible, undocumented formats, LUKS specifies a platform-independent standard on-disk format for use in various tools ... an enhanced version of cryptsetup, using dm-crypt as the disk encryption backend ...
Cold Boot Attack - Description
... are now available to perform this task for attacks against some popular encryption systems) ... has been demonstrated to be effective against full disk encryption schemes of various vendors and operating systems, even where a Trusted Platform Module (TPM) secure cryptoprocessor is used ... While the focus of current research is on disk encryption, any sensitive data held in memory is vulnerable to the attack ...
Best Practices Against Laptop Theft - Inside Protection
... Full disk encryption (FDE) is an increasingly popular and cost-effective approach ... Full disk encryption can be taken on from a software-based approach, a hardware-based approach, or both - end-based approach ... measure for files stored on a laptop, though combined with disk encryption software they can reliably protect data against unauthorized access ...

Famous quotes containing the word disk:

    Unloved, that beech will gather brown,
    This maple burn itself away;

    Unloved, the sun-flower, shining fair,
    Ray round with flames her disk of seed,
    And many a rose-carnation feed
    With summer spice the humming air;
    Alfred Tennyson (1809–1892)